I guess we should refuse to run threads from different uids on onephysical core...

> and/or you use properly implemented crypto code (see Bruce Schneider's> books). The timing "problem" isn't really SMT specific. If you have> improperly implemented crypto (eg crypto code where the code paths and> not just the data payload are key dependent) then on any system with> more than one (logical) processor there is interference that an> attacker can use.> > The only possible answer is to use proper implementation; turning off HT> may make you feel good but you go from shoddy crypto for which there is> some internet papers on how to crack it, to shoddy crypto for which the> same papers apply ;)

It is not only timing. If attacker has access to detailed cache missstatistics, things are easier for him... I probably should review thebooks, but even if code paths are key-independend (hard), you'll gettiming differences due to [data] cache misses...?